Latest news about information security vulnerabilities, threats, incidents and events
Prevention of security vulnerabilities, threats, and incidents described below is wiser and cheaper than forensic investigations and mitigation of the consequences of a cyber-attack.
You can get evidence of this fact from the news below.
Use our services to find and mitigate your security vulnerabilities before the security threat agents find them.
More Attackers Have Begun Using Zero-Day Exploits - Dark Reading
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents...
Posted on 6 April 2020 11:54 pm
FBI warns again of BEC scammers exploiting cloud email services
Sorin Mustaca's IT Security news and articles about information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, breaches.
FBI’s Internet Crime Complaint Center (IC3) has issued today a public service announcement warning of...
Posted on 6 April 2020 11:26 pm
80% of all exposed Exchange servers still unpatched for critical flaw
By GIXnews More than 350,000 of all Microsoft Exchange servers currently exposed on the Internet haven’t yet been patched against the CVE-2020-0688 post-auth remote code execution vulnerability affecting all supported Microsoft Exchange Server versions...
Posted on 6 April 2020 10:42 pm
A Brisk Private Trade in Zero-Days Widens Their Use - Threatpost
There were more zero-days exploited in 2019 than any of the previous three years, according to telemetry from FireEye Mandiant. The firm said that’s likely due to more zero-days coming up for sale by cyber-weapons dealers like NSO Group; a growing commercial market has made such tools much more widely available...
Posted on 6 April 2020 10:24 pm
USN-4318-1: Linux kernel vulnerabilities
6 April 2020. linux, linux-hwe vulnerabilities. A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 18.04 LTS; Ubuntu 16.04 LTS. Summary: Several security issues were fixed in the Linux kernel...
Posted on 6 April 2020 10:23 pm
Mozilla scrambles to plug two Firefox holes exploited in the wild by hackers to hijack victims’ computers
Update now before it’s too late. Mozilla has released security updates for its Firefox browser in conjunction with a US Cybersecurity and Infrastructure Security Agency (CISA) advisory warning that critical vulnerabilities in the browser are being actively exploited...
Posted on 6 April 2020 9:22 pm
South Korea-Linked Hackers Targeted Chinese Government via VPN Zero-Day
A threat actor linked to South Korea has launched attacks against Chinese government agencies using a zero-day vulnerability affecting a local VPN service, Chinese cybersecurity firm Qihoo 360 reported on Monday...
Posted on 6 April 2020 7:21 pm
White House strategy paper to secure 5G envisions America leading global 5G development
With curiously little fanfare, the White House released last week a six-page document called the National Strategy to Secure 5G, a blueprint that was mandated by the Secure 5G and Beyond Act. That bill, signed into law by President Trump on the same day, March 23, that the White House released its...
Posted on 6 April 2020 5:33 pm
Travelers head on limiting cyber exposure during the coronavirus pandemic - Insurance Business ASIA
As an attorney in the United States, head of cyber at Travelers Europe, Davis Kessler (pictured), was working on litigating coverage disputes, mainly on crime policies, when he saw that an increased number of those claims were computer related...
Posted on 6 April 2020 4:14 pm
Prosecutors: 'Zoom-Bombing' Could Lead to Charges
Those who hack video conferences, such as via Zoom bombing, are violating federal and state laws and could face prosecution, U.S. law enforcement officials say.
In a statement released Friday, the U...
Posted on 6 April 2020 3:58 pm
Zoom Promises Geo-Fencing, Encryption Overhaul for Meetings
Working from home has led to numerous groups, including the British Cabinet, relying more heavily on videoconferencing tools. Zoom, responding to new research that identified encryption and infrastructure shortcomings in its audio and video conferencing software, has promised to further revamp its security controls...
Posted on 6 April 2020 3:20 pm
Truth, Trust and Cybersecurity Risk
It is a sad reflection on the times, but it is becoming increasingly difficult to distinguish among true and false “facts,” accurate and misleading interpretations, and personal and politically-expedient beliefs...
Posted on 6 April 2020 1:43 pm
Millions of Digital Wallets Exposed by Key Ring
The popular digital wallet application Key Ring recently exposed information belonging to millions of its users, vpnMentor reports. Key Ring is an application that creates a digital wallet on the user’s phone and allows them to upload scans and photos of membership and loyalty cards, but many also...
Posted on 6 April 2020 11:49 am
Docker Users Targeted with Crypto Malware Via Exposed APIs
Hackers are attempting to compromise Docker servers en masse via exposed APIs in order to spread cryptocurrency mining malware, according to researchers...
Posted on 6 April 2020 10:16 am
Amid a Major Skills Shortage, CISOs Are Turning to Security Analytics and Threat Intelligence
Studies focused on cybersecurity as a profession find each year that skills in the area are rare, and expensive at that. This year is no different. While IT leaders are starting to take steps to mitigate this issue, organizations worldwide remain at risk for doing too little, too late...
Posted on 6 April 2020 9:40 am
Vigil@nce - F5 BIG-IP: denial of service via TMM Connector Profile
April 2020 by Vigil@nce. This bulletin was written by Vigil@nce:
SYNTHESIS OF THE VULNERABILITY. https://vigilance.fr/computer-vulne... Impacted products: BIG-IP Hardware, TMOS. Severity: 2/4. Consequences: denial of service on server, denial of service on service...
Posted on 6 April 2020 8:53 am
Mozilla addresses two zero-day bugs exploited in the wild
Mozilla has released Firefox 74.0.1 and Firefox ESR 68.6.1 to fix two critical vulnerabilities which are being exploited in the wild by hackers. Both flaws allow a remote attacker to execute arbitrary code and compromise a vulnerable system...
Posted on 6 April 2020 7:16 am
Apple fixes serious flaw that could allow hackers watch users over webcam: Researcher rewarded $75,000
Apple's reputation is unshakeable in the market when it comes to device security. Over the years, the Safari browser has shown signs of bugs that can be exploited by a hacker to take over the victim's microphone and camera on macOS and iOS devices...
Posted on 5 April 2020 9:53 am
Jope Virus File (.jope) Removal and Recovery
Jope Virus (.Jope Files) – Ransomware Removal Guide. Jope virus has locked your files? Read more about the Jope virus threat in this article and see how you can remove it completely and restore your data...
Posted on 5 April 2020 5:39 am
Facebook tried to buy Pegasus to monitor Apple users: NSO CEO
In court documents filed during an ongoing lawsuit in which Facebook has sued the NSO Group for snooping on WhatsApp users last year including in India, NSO CEO Shalev Hulio claimed that "two Facebook representatives approached NSO in October 2017 and asked to purchase the right to use certain capabilities of Pegasus"...
Posted on 5 April 2020 4:56 am
Hospitals fighting outbreak at risk of cyber attack, Interpol warns - Aberdeen Evening Express
Cybercriminals are exploiting the coronavirus crisis and threatening to hold hospitals to ransom despite the life-saving work they are carrying out, Interpol has warned. It has issued a global alert to health care organisations about the ransomware attacks, often disguised as official advice from...
Posted on 4 April 2020 6:54 pm
A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS. Summary: Firefox could be made to crash or run programs as your login if it opened a malicious website...
Posted on 4 April 2020 5:30 pm
Emotet Malware Shut Down Microsoft’s Entire Network By Overheating PCs
Emotet is one of the notorious malware wreaking havoc across industries by hacking systems. In that latest attack, it took down an entire network of Microsoft by overheating computers. According to a report by Microsoft Detection and Response Team (DART), Emotet tricked one Microsoft employee into opening a malicious email attachment...
Posted on 4 April 2020 1:27 pm
Zoomed In: A Look into a Coinminer Bundled with Zoom Installer
By Raphael Centeno and Llallum Victoria. Many companies around the world have transitioned to work-from-home arrangements because of growing concerns over the COVID-19 global health crisis. This new setup has highlighted the usefulness of video conferencing apps...
Posted on 4 April 2020 6:51 am
AA20-073A: Enterprise VPN Security
Original release date: March 13, 2020. Summary. As organizations prepare for possible impacts of Coronavirus Disease 2019 (COVID-19), many may consider alternate workplace options for their employees...
Posted on 13 March 2020 12:08 pm
This ALERT details vulnerabilities in SweynTooth's Bluetooth Low Energy (BLE) proof-of-concept (PoC) exploit code. This report was released without coordination with some of the affected vendors and without advance coordination with CISA...
Posted on 3 March 2020 3:20 pm
AA20-049A: Ransomware Impacting Pipeline Operations
Original release date: February 18, 2020. Summary. Note: This Activity Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK™) framework. See the MITRE ATT&CK for Enterprise and ATT&CK for Industrial Control Systems (ICS) frameworks for all referenced threat actor techniques and mitigations...
Posted on 18 February 2020 1:06 pm
AA20-031A: Detecting Citrix CVE-2019-19781
Original release date: January 31, 2020 | Last revised: February 18, 2020. Summary. Unknown cyber network exploitation (CNE) actors have successfully compromised numerous organizations that employed vulnerable Citrix devices through a critical vulnerability known as CVE-2019-19781...
Posted on 31 January 2020 6:07 pm
AA20-020A: Critical Vulnerability in Citrix Application Delivery Controller, Gateway, and SD-WAN WANOP
Original release date: January 20, 2020 | Last revised: January 27, 2020. Summary. Note: As of January 24, 2020, Citrix has released all expected updates in response to CVE-2019-19781. 
On January 19, 2020, Citrix released firmware updates for Citrix Application Delivery Controller (ADC) and Citrix Gateway versions 11...
Posted on 20 January 2020 2:54 pm
AA20-014A: Critical Vulnerabilities in Microsoft Windows Operating Systems
Original release date: January 14, 2020. Summary. New vulnerabilities are continually emerging, but the best defense against attackers exploiting patched vulnerabilities is simple: keep software up to date...
Posted on 14 January 2020 5:46 pm
AA20-010A: Continued Exploitation of Pulse Secure VPN Vulnerability
Original release date: January 10, 2020. Summary. Unpatched Pulse Secure VPN servers continue to be an attractive target for malicious actors. Affected organizations that have not applied the software patch to fix a remote code execution (RCE) vulnerability, known as CVE-2019-11510, can become compromised in an attack...
Posted on 10 January 2020 11:45 am
AA20-006A: Potential for Iranian Cyber Response to U.S. Military Strike in Baghdad
Original release date: January 6, 2020. Summary. The Cybersecurity and Infrastructure Security Agency (CISA) is sharing the following information with the cybersecurity community as a primer for assisting in the protection of our Nation’s critical infrastructure in light of the current tensions between the Islamic Republic of Iran and the United States and Iran’s historic use of cyber offensive activities to retaliate against perceived harm...
Posted on 6 January 2020 8:01 pm
AA19-339A: Dridex Malware
Original release date: December 5, 2019 | Last revised: January 2, 2020. Summary. This Alert is the result of recent collaboration between the Department of the Treasury Financial Sector Cyber Information Group (CIG) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) to identify and share information with the financial services sector...
Posted on 5 December 2019 2:13 pm
AA19-290A: Microsoft Ending Support for Windows 7 and Windows Server 2008 R2
Original release date: October 17, 2019 | Last revised: October 18, 2019. Summary. Note: This alert does not apply to federally certified voting systems running Windows 7. Microsoft will continue to provide free security updates to those systems through the 2020 election...
Posted on 17 October 2019 4:36 pm
Mitsubishi Electric Europe B.V. smartRTU and INEA ME-RTU (Update A)
This updated alert is a follow-up to the original alert titled ICS-ALERT-19-225-01 Mitsubishi Electric smartRTU and INEA ME-RTU that was published August 13, 2019, on the ICS webpage on us-cert.gov. CISA is aware of a public report of a proof-of-concept (PoC) exploit code vulnerability affecting Mitsubishi Electric smartRTU devices...
Posted on 10 September 2019 2:30 pm
CAN Bus Network Implementation in Avionics
CISA is aware of a public report of insecure implementation of CAN bus networks affecting aircraft. According to this report, the CAN bus networks are exploitable when an attacker has unsupervised physical access to the aircraft...
Posted on 30 July 2019 1:00 pm
AA19-168A: Microsoft Operating Systems BlueKeep Vulnerability
Original release date: June 17, 2019. Summary. The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions: Windows 2000, Windows Vista, Windows XP, Windows 7, Windows Server 2003, Windows Server 2003 R2, Windows Server 2008, Windows Server 2008 R2. An attacker can exploit this vulnerability to take control of an affected system...
Posted on 17 June 2019 1:37 pm
DICOM Standard in Medical Devices
NCCIC is aware of a public report of a vulnerability in the DICOM (Digital Imaging and Communications in Medicine) standard with proof-of-concept (PoC) exploit code. The DICOM standard is the international standard to transmit, store, retrieve, print, process, and display medical imaging information...
Posted on 11 June 2019 4:15 pm
Meltdown and Spectre Vulnerabilities (Update J)
This updated alert is a follow-up to the updated alert titled ICS-ALERT-18-011-01 Meltdown and Spectre Vulnerabilities (Update I) that was published September 11, 2018, on the NCCIC/ICS-CERT website.
Posted on 11 January 2018 5:51 pm
NCCIC is aware of a public report of an improper authentication vulnerability affecting WAGO PFC200, a Programmable Logic Controller (PLC) device. According to this report, the vulnerability is exploitable by sending a TCP payload on the bound port...
Posted on 7 December 2017 9:11 pm
Eaton ELCSoft Vulnerabilities
NCCIC/ICS-CERT is aware of a public report of buffer overflow vulnerabilities affecting Eaton ELCSoft, a PLC programming software for Eaton Logic Control (ELC) controllers. According to the public report, which was coordinated with ICS-CERT prior to its public release, researcher Ariele Caltabiano (kimiya) working with Trend Micro's Zero Day Initiative, identified that an attacker can leverage these vulnerabilities to execute arbitrary code in the context of the process...
Posted on 4 August 2017 7:11 pm
CAN Bus Standard Vulnerability
NCCIC/ICS-CERT is aware of a public report of a vulnerability in the Controller Area Network (CAN) Bus standard with proof-of-concept (PoC) exploit code affecting CAN Bus, a broadcast based network standard...
Posted on 28 July 2017 7:34 pm
CRASHOVERRIDE, aka Industroyer, is the fourth family of malware publicly identified as targeting industrial control systems (ICS). It uses a modular design, with payloads that target several industrial communication protocols and are capable of directly controlling switches and circuit breakers...
Posted on 25 July 2017 4:45 pm
Petya Malware Variant (Update C)
This updated alert is a follow-up to the updated alert titled ICS-ALERT-17-181-01B Petya Malware Variant that was published July 5, 2017, on the NCCIC/ICS-CERT web site. ICS-CERT is aware of reports of a variant of the Petya malware that is affecting several countries...
Posted on 30 June 2017 9:09 pm